package io.r2mo.spring.security.oauth2;

import cn.hutool.extra.spring.SpringUtil;
import io.r2mo.spring.security.config.SecurityWebConfigurerBase;
import io.r2mo.spring.security.extension.SpringAuthenticator;
import io.r2mo.spring.security.oauth2.config.ConfigOAuth2;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector;

/**
 * OAuth2 Security 配置器（Bean 级别配置协调器）
 * <p>
 * 负责协调各个 Bean 配置组件：
 * - OAuth2SecurityEncoder（JWT/Opaque Token 编解码器）
 * - OAuth2SecurityRegisteredClient（客户端注册）
 * - OAuth2SecurityAuthorizationServer（Authorization Server 设置）
 * <p>
 * 注意：SecurityFilterChain 的配置在 OAuth2SpringAuthenticator 中完成
 *
 * @author lang : 2025-11-13
 */
@Configuration
@Slf4j
public class OAuth2SpringConfigurer extends SecurityWebConfigurerBase {

    private final ConfigOAuth2 oauth2Config;

    public OAuth2SpringConfigurer() {
        super();
        this.oauth2Config = SpringUtil.getBean(ConfigOAuth2.class);
    }

    @Override
    public void configure(final HttpSecurity http, final HandlerMappingIntrospector introspector) {
        if (this.oauth2Config == null || !this.oauth2Config.isOn()) {
            log.debug("[ R2MO ] OAuth2 未启用或配置缺失，跳过“资源服务器”配置");
            return;
        }


        final SpringAuthenticator authenticator = SpringAuthenticator.of(this.config(), OAuth2SpringAuthResource::new);
        authenticator.configure(http, this.handler());
    }

    @Override
    public void configureHighPriority(final HttpSecurity http, final HandlerMappingIntrospector introspector) {
        if (this.oauth2Config == null || !this.oauth2Config.isOn()) {
            log.debug("[ R2MO ] OAuth2 未启用或配置缺失，跳过“认证授权服务器”配置");
            return;
        }

        final SpringAuthenticator authenticator = SpringAuthenticator.of(this.config(), OAuth2SpringAuthPredicate::new);
        authenticator.configure(http, this.handler());
    }
}
